The present invention relates to security services in network communications. In a particular embodiment, the invention relates to securing electronic mail communications.
Individuals use electronic mail to exchange all types of data, from personal communications, to business data, to advertisements. One feature of e-mail is that it can be copied and sent to several recipients with an ease that surpasses paper mail or other forms of communication. This feature, while especially useful for distributing advertising, company newsletters, or other widely distributed information, can make the exchange of confidential information risky. An e-mail message directed to a single recipient may, through inadvertence or intentional misuse, be directed to countless unauthorized readers. Nevertheless, the convenience of e-mail often leads users to overlook this risk. Once an e-mail message has been sent, it can be difficult not only to ensure that no one other than intended recipients will receive the message, but also to be informed if an unintended recipient has read the message.
Electronic mail marketers can keep track of which recipients open e-mail advertisements by including a “Web bug” in their advertisements. A Web bug is an address embedded in a document in such a way that an e-mail client attempts to fetch a resource at the address when it renders the document. Web bugs are commonly employed in e-mail advertisements formatted in the hypertext markup language (HTML). Such Web bugs usually take the form of a reference to a single-pixel image file. Advertisers can include Web bugs that identify different resources in e-mail advertisements sent to different recipients. The advertiser can then keep track of which recipients open the advertisement by tracking which resources have been requested by the recipients' e-mail clients. Typically, a Web bug is an HTML “img” tag that specifies a one-pixel image that is not visible to the recipient. The “img” tag includes a uniform resource locator (URL) that uniquely identifies the recipient. For example, an HTML e-mail advertisement sent to the address smith@firm.org might contain the following Web bug: <img width=1 height=1 border=0 src=“http://webbug.com?recipient=smith%40firm.org”>.
When Smith receives the HTML mail, his e-mail client attempts to load the resource located at the URL “http://webbug.com?recipient=smith%40firm.org”. When a resource server at webbug.com receives a request to load this file, it knows that the e-mail sent to smith@firm.org has been opened. However, the resource server cannot determine whether the e-mail was read by the intended recipient—Smith—or by someone who has intercepted the e-mail or has otherwise received the e-mail without authorization.
The Internet protocol (IP) is commonly used for communications between computers on the World-Wide Web. An IP address is used to identify different nodes communicating over IP. On the Web, uniform resource locators (URLs) are used to identify resources. To request such a resource, a computer determines an IP address of the node from which the resource identified by the URL should be requested. One way for the computer to determine the IP address is to identify a domain name, such as www.website.com, in the URL and to determine an IP address based on the domain name. One way for a computer to determine an IP address based on a domain name is to consult a so-called “hosts” file at the computer, which provides a list of domain names and associates an IP address with each domain name in the list. Another way for a computer to determine an IP address based on a domain name is to send a domain name service (DNS) request to a domain name server, asking the domain name server for an IP address corresponding to the domain name.